[jira] Commented: (CXF-2311) client can't be used with different ws security users

Mon, 29 Jun 2009 13:18:13 -0700 

    [ 
https://issues.apache.org/jira/browse/CXF-2311?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12725327#action_12725327
 ] 

Daniel Kulp commented on CXF-2311:
----------------------------------


Are you sure this doesn't already work?  At least with 2.2.2?

Looking at that code, for everything OTHER than the Action and Actor, it seems 
to check the msg context for any properties.    Thus, just doing something like:

((BindingProvider)client).getRequestContext().put(WSHandlerConstants.USER, 
"joe");

 and similar should work.



> client can't be used with different ws security users
> -----------------------------------------------------
>
>                 Key: CXF-2311
>                 URL: https://issues.apache.org/jira/browse/CXF-2311
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 2.2.1, 2.2.2
>         Environment: webservice client
> ws-security authentication
> stateless session bean in an application server (JBoss)
>            Reporter: Sven Reinhardt
>            Priority: Blocker
>   Original Estimate: 240h
>  Remaining Estimate: 240h
>
> - in a managed environment such as an application server it is impossible to 
> use a generated webservice client with ws-security authentication with 
> different users 
> - the client seems to be a singleton and the WSS4JOutInterceptor is attached 
> to the client, so it can't be changed for a single request without changing 
> it for other callers
> - so the current implementation adds a kind of state to the client which the 
> webservice dosn't have
> - there is no real request context for a single request to submit the 
> ws-security credentials to a potential context sensitive security interceptor
> -creating a client for everey request, after removing the client from the 
> factory
>   <code>
>   jaxWsProxyFactoryBean.getClientFactoryBean().setClient(null);
>   jaxWsProxyFactoryBean.create();
>   </code>
> results in a heavy memory loss
> -possible solution: create a by request context and add to generated clients, 
> create a context sensitive ws-security interceptor 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to